From bbf474811b7233cda7797037990340fe3b6ee9b7 Mon Sep 17 00:00:00 2001 From: Pol Henarejos Date: Wed, 11 Dec 2024 21:58:25 +0100 Subject: [PATCH] Add sanity checks. Signed-off-by: Pol Henarejos --- src/fido/credential.c | 26 ++++++++++++++++---------- 1 file changed, 16 insertions(+), 10 deletions(-) diff --git a/src/fido/credential.c b/src/fido/credential.c index ea878d5..4eea40c 100644 --- a/src/fido/credential.c +++ b/src/fido/credential.c @@ -147,6 +147,10 @@ int credential_load(const uint8_t *cred_id, size_t cred_id_len, const uint8_t *r int ret = 0; CborError error = CborNoError; uint8_t *copy_cred_id = (uint8_t *) calloc(1, cred_id_len); + if (!cred) { + CBOR_ERROR(CTAP2_ERR_INVALID_CREDENTIAL); + } + memset(cred, 0, sizeof(Credential)); memcpy(copy_cred_id, cred_id, cred_id_len); ret = credential_verify(copy_cred_id, cred_id_len, rp_id_hash); if (ret != 0) { // U2F? @@ -236,17 +240,19 @@ err: } void credential_free(Credential *cred) { - CBOR_FREE_BYTE_STRING(cred->rpId); - CBOR_FREE_BYTE_STRING(cred->userId); - CBOR_FREE_BYTE_STRING(cred->userName); - CBOR_FREE_BYTE_STRING(cred->userDisplayName); - CBOR_FREE_BYTE_STRING(cred->id); - if (cred->extensions.present) { - CBOR_FREE_BYTE_STRING(cred->extensions.credBlob); + if (cred) { + CBOR_FREE_BYTE_STRING(cred->rpId); + CBOR_FREE_BYTE_STRING(cred->userId); + CBOR_FREE_BYTE_STRING(cred->userName); + CBOR_FREE_BYTE_STRING(cred->userDisplayName); + CBOR_FREE_BYTE_STRING(cred->id); + if (cred->extensions.present) { + CBOR_FREE_BYTE_STRING(cred->extensions.credBlob); + } + cred->present = false; + cred->extensions.present = false; + cred->opts.present = false; } - cred->present = false; - cred->extensions.present = false; - cred->opts.present = false; } int credential_store(const uint8_t *cred_id, size_t cred_id_len, const uint8_t *rp_id_hash) {